Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/4A1F2E84E1C111EE958DFA34C4F9AE02.roa
File: 4A1F2E84E1C111EE958DFA34C4F9AE02.roa (raw, json)
Hash identifier: K6AGA/jS+zLeDn79qNZZNlJnJV+/lLc+7oUYoTgYyE0=
Subject key identifier: F6:25:56:EA:33:FA:C2:48:C9:49:BC:6F:31:0D:41:5F:08:CD:8E:B8
Certificate issuer: /CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Certificate serial: 1DAF
Authority key identifier: AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/4A1F2E84E1C111EE958DFA34C4F9AE02.roa
Signing time: Thu 14 Mar 2024 11:24:04 +0000
ROA not before: Thu 14 Mar 2024 11:24:04 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 58659
IP address blocks: 202.179.77.0/24 maxlen: 24
202.179.78.0/23 maxlen: 24
202.179.80.0/24 maxlen: 24
202.179.85.0/24 maxlen: 24
202.179.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 11:54:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7599 (0x1daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Validity
Not Before: Mar 14 11:24:04 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65f2de54-75e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:78:aa:2f:ca:ce:38:d4:cf:12:7f:c0:a3:fa:
dd:ea:f6:e2:88:65:f0:6e:4f:80:ed:ef:53:5c:33:
a8:6d:d6:0a:30:cd:5c:72:c1:9e:b2:cc:b2:8c:dd:
2b:06:89:6f:cc:85:8c:87:b8:7a:4a:33:4e:39:be:
64:a6:2c:b4:cf:1d:57:c6:16:cb:a9:03:67:c3:cf:
65:fb:66:d6:a7:94:26:66:84:12:93:3a:bf:0b:69:
29:08:d1:f2:2b:37:4e:f3:a5:39:30:b8:57:4d:60:
a5:55:66:ed:a8:e1:85:81:dc:c0:b0:04:38:33:50:
b6:2e:e7:1b:0d:b6:16:4c:50:10:78:d7:cd:d0:f4:
f4:f7:0e:28:2f:fa:be:01:93:2b:2f:09:cf:df:f9:
82:fb:ef:61:ee:8e:bb:04:16:df:14:72:f0:09:f3:
7c:ee:b2:30:4a:4d:8d:01:f0:14:95:db:1c:5b:62:
f8:c4:d8:39:25:b1:f2:c5:cf:5b:89:9f:de:ba:f6:
b2:54:6f:31:1f:f7:3a:5d:11:4b:82:d3:14:6c:ad:
1a:e7:e3:ed:b9:b7:47:f5:33:2b:cd:51:44:e6:1f:
39:6b:64:68:8d:bd:83:6a:e7:49:61:ce:f4:f2:98:
fc:c3:7f:e8:99:2c:b2:c4:33:42:6b:d5:da:63:b6:
ba:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:25:56:EA:33:FA:C2:48:C9:49:BC:6F:31:0D:41:5F:08:CD:8E:B8
X509v3 Authority Key Identifier:
keyid:AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/4A1F2E84E1C111EE958DFA34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.179.77.0-202.179.80.255
202.179.85.0/24
202.179.89.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:f8:99:df:40:94:72:15:a6:1e:d7:70:04:30:9f:38:44:55:
76:9b:f8:eb:13:1a:e4:4e:c6:11:4f:77:e2:cb:b6:58:0b:bd:
03:32:1d:db:91:d3:89:c0:c7:d5:0d:70:aa:6b:04:31:b4:81:
d4:a7:7b:5b:53:14:8d:1e:11:a8:f2:ab:c6:71:5c:07:a8:10:
e0:3f:63:0f:21:69:95:1e:3d:a4:a2:29:48:ac:ed:b4:66:c5:
de:1e:e2:01:5f:e0:3b:c7:97:55:6c:91:ad:dd:81:76:00:70:
c0:5f:69:73:38:c7:f7:4e:27:e7:28:91:6e:2a:4f:d0:94:ec:
a4:90:fd:5a:91:3a:22:74:bb:77:a8:be:5a:0a:37:58:8c:79:
93:c7:75:f9:f1:e0:14:39:82:61:da:2a:e4:bf:52:cc:9c:36:
e8:ed:c8:e3:4b:0b:22:1e:ff:b4:1f:7a:15:69:82:d8:04:09:
f2:0c:a8:83:1c:93:eb:da:0a:ec:31:fb:5b:3c:cf:97:10:c4:
60:19:99:cd:5a:cc:e6:71:93:da:3a:8e:89:36:4d:ae:39:b4:
4d:9d:4b:35:54:82:f4:b3:10:21:2e:bb:19:a1:47:d0:4f:d8:
eb:5a:0e:cc:04:b7:78:5e:3c:18:a0:92:5d:0b:40:68:a2:32:
ed:1c:79:ad
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICHa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFFNUYxMTAvBgNVBAUTKEFGRTcyN0U0MjA5RENERjgyNzYyNTc0QjVFMzNDODA4
Mzc4N0ExOEYwHhcNMjQwMzE0MTEyNDA0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYyZGU1NC03NWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvniqL8rOONTPEn/Ao/rd6vbiiGXwbk+A7e9TXDOobdYKMM1ccsGessyyjN0r
BolvzIWMh7h6SjNOOb5kpiy0zx1XxhbLqQNnw89l+2bWp5QmZoQSkzq/C2kpCNHy
KzdO86U5MLhXTWClVWbtqOGFgdzAsAQ4M1C2LucbDbYWTFAQeNfN0PT09w4oL/q+
AZMrLwnP3/mC++9h7o67BBbfFHLwCfN87rIwSk2NAfAUldscW2L4xNg5JbHyxc9b
iZ/euvayVG8xH/c6XRFLgtMUbK0a5+PtubdH9TMrzVFE5h85a2Rojb2DaudJYc70
8pj8w3/omSyyxDNCa9XaY7a6vQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFPYlVuoz
+sJIyUm8bzENQV8IzY64MB8GA1UdIwQYMBaAFK/nJ+Qgnc34J2JXS14zyAg3h6GP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUU1Ri84Qjc5QjY3ODg4
NTExMUU2QTY5MkRFNzhDNEY5QUUwMi9yLWNuNUNDZHpmZ25ZbGRMWGpQSUNEZUhv
WTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ItY241Q0NkemZnbllsZExYalBJQ0RlSG9ZOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFFNUYvOEI3OUI2Nzg4ODUxMTFFNkE2OTJERTc4QzRGOUFFMDIvNEExRjJFODRF
MUMxMTFFRTk1OERGQTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAMqzTQMEAMqzUAMEAMqzVQMEAMqzWTANBgkqhkiG9w0B
AQsFAAOCAQEAo/iZ30CUchWmHtdwBDCfOERVdpv46xMa5E7GEU934su2WAu9AzId
25HTicDH1Q1wqmsEMbSB1Kd7W1MUjR4RqPKrxnFcB6gQ4D9jDyFplR49pKIpSKzt
tGbF3h7iAV/gO8eXVWyRrd2BdgBwwF9pczjH904n5yiRbipP0JTspJD9WpE6InS7
d6i+Wgo3WIx5k8d1+fHgFDmCYdoq5L9SzJw26O3I40sLIh7/tB96FWmC2AQJ8gyo
gxyT69oK7DH7WzzPlxDEYBmZzVrM5nGT2jqOiTZNrjm0TZ1LNVSC9LMQIS67GaFH
0E/Y61oOzAS3eF48GKCSXQtAaKIy7Rx5rQ==
-----END CERTIFICATE-----
Generated at Tue Mar 19 14:59:04 2024 by rpki-client on console-fra.rpki-client.org